/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package Pagos.Herramientas.Generales;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 *
 * @author FCCCRTI05
 */
public class ComprobarPassword extends HttpServlet
{

    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException
    {
        PrintWriter out = response.getWriter();
        //REINICIO DEL BUFFER
        response.reset();
        response.resetBuffer();
        response.setContentType("text/xml; charset=ISO-8859-1");
        response.setHeader("Cache-Control","no-cache");
        try
        {
            //CONEXION A LA BD
            db.Conexion conectar = (db.Conexion)request.getSession().getAttribute("db");
            db.CodificadorDecodificador codificador = (db.CodificadorDecodificador)request.getSession().getAttribute("codificador");
            if (conectar != null)
            {
                Connection conex = conectar.ObtenerConexionSQLServer();
                if (conex.isClosed() == false)
                {
                    if ((request.getParameter("flag") != null)
                    &&(request.getParameter("password") != null)
                    &&(request.getParameter("flag").equals("ok")))
                    {
                        //PARAMETROS
                        String usuario = conectar.ObtenerUsuario();
                        String password = request.getParameter("password");
                        String password_bd = null;
                        Statement s = null;
			ResultSet rs = null;
                        //SALIDA XML
                        s = conex.createStatement();
                        rs = s.executeQuery("select usuario_usu,password_usu from F55_PAGOS_USUARIOS where usuario_usu like "+"'"+usuario+"'");
                        while (rs.next())
                            password_bd = codificador.decrypt(rs.getString("password_usu"));
                        rs.close();
                        if (password.equals(password_bd))
                        {
                            out.write("<datos>");
                            out.write("<valido>Si</valido>");
                            out.write("<correcta>Si</correcta>");
                            out.write("</datos>");
                        }
                        else
                        {
                            out.write("<datos>");
                            out.write("<valido>Si</valido>");
                            out.write("<correcta>No</correcta>");
                            out.write("</datos>");
                        }
                        rs.close();
			s.close();
                    }
                }
                if (conex.isClosed() == true)
                {
                    out.write("<datos>");
                    out.write("<valido>No</valido>");
                    out.write("<correcta>Sesion</correcta>");
                    out.write("</datos>");
                }
            }
            if (conectar == null)
            {
                out.write("<datos>");
                out.write("<valido>No</valido>");
                out.write("<correcta>Sesion</correcta>");
                out.write("</datos>");
            }
        }
        catch (Exception x)
        {
            out.write("<datos>");
            out.write("<valido>No</valido>");
            out.write("<correcta>"+x.getMessage()+"</correcta>");
            out.write("</datos>");
        }
        finally
        {
            out.flush();
            out.close();
        }
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException
    {
        processRequest(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException
    {
        processRequest(request, response);
    }
}